ExtraHop Remote Working

ExtraHop Remote Working

Saying this year has been strange is, obviously, something of an understatement. Back in January I don’t expect anyone at Zoom expected their brand to become a genuine household name by now. IT professionals will have been exceptionally busy not just supporting business transformation from office to home working, but helping friends and families keep in touch.  There’s no escape once you are the go-to technical guru in your extended family!  I’ve ended up giving advice on Zoom / Skype meetings for school governors in Liverpool and helping a nephew build his first gaming PC (all socially distanced of course!).

Whilst family quizzes on Zoom and Skype sessions with grandparents have been essential for beating the boredom and retaining a degree of contact, they are also just two of the things which might be impacting on business remote access.  Are those family calls routing across a corporate connection as somebody forgot to disconnect their VPN into the office?  Visibility at protocol level can help identify gremlins such as retransmission timeouts and zero windows.  Likewise, analysis can help identify traffic destinations – if we don’t use Zoom in the business, why is it transiting my network?  A combination of these metrics can also aid help desks who, by default, now troubleshoot home broadband connections.  Is a user’s poor virtual desktop or application experience down to an issue in the datacentre or because they are competing for bandwidth with Netflix, Disney+ and Fortnite on their home WiFi?

Utilisation Metrics can provide critical information on capacity and associated bottlenecks.  If more capacity is needed, then you have hard facts to backup a business case for an upgrade.  On the other hand, if things are running smoothly, you can provide information to management to show previous investment has been money well spent and any considerations of reducing bandwidth to save money would impact on productivity.

Another impact of the current business climate is that budgets are being scrutinised more then ever now, so any new IT project must offer the highest amount of value to the business.  Thus, a platform such as ExtraHop Reveal(x), which builds on ExtraHop’s experience in Performance Analytics but adds industry leading Security Detection and Response becomes much more attractive.

The rush to home working in the UK led to a shortage of laptops and PCs.  To stay productive, some staff have been using their own home computing equipment.  Home networks and PCs are notorious for being a security nightmare, with unpatched routers, unsupported OSes, outdated AV and the like.  It is more important then ever to watch the activities of these devices when they are connected to a corporate Network.

VPN policies may have been relaxed but even so, some events represent actionable findings.  If a member of UK staff connects to the VPN from a North American IP address, are they perhaps using a commercial VPN service to access a US streaming service which has geo-location restrictions?  Or is it an attacker making use of compromised credentials?  Similarly, should a user be connected to the VPN from two different countries at the same time?

Further insight into Network traffic, obtained through Reveal(x)’s ability to decode over 50 Enterprise protocols, can also enhance Network Security.  If there is a sudden spike in Active Directory accounts being locked out, is this a sign of a brute force attack in progress?  By linking Security Detections, Reveal(x) can present alerts using the MITRE ATT&CK framework, enabling a responder to understand if the lockouts are user error or part of a more dangerous attack.

In summary, ExtraHop Reveal(x) can play an important part in assisting businesses to cope with the “new normal”.  Reveal(x) can help Operation and Security teams gain valuable insight into their Domains, with a wide range of off-the-shelf and custom integrations ensuring it is not just another siloed tool.  Take a look at ExtraHop’s Datasheet to find out tips for ensuring the availability and securing of remote access.

Chris Booth

Chris Booth

Solutions Architect

Listens to your problems, then identifies the best tools and products to build solutions.

Call us today on 01782 752 369
KedronUK, Kern House, Stone Business Park, Stone, Staffordshire ST15 0TL

Business visibility in the new business normal

Business visibility in the new business normal

For organisations of all stripes and sizes, the COVID-19 pandemic has been a challenge. Whether you’ve benefited from a huge increase in online sales or been swamped with customer service calls, whether you have a desk-based team all happily working from home or delivery drivers out on the road at all hours, your IT infrastructure will have played a critical role in keeping your business up and running – and so will your IT team. 

Maintaining good end-user experiences throughout this period was – and still is, in most cases – key to the longer term sustainability of your enterprise. Where IT performance, availability and security issues aren’t dealt with quickly and efficiently, it can cause huge reputational damage or loss of business. 

If you don’t have visibility of remote workers when it comes to productivity, engagement, access, network security and a host of other areas, how do you know things are functioning as they should be? There may be problems you’re not aware of, and if you are aware you may be struggling to find the root cause.

Such problems are compounded by the fact that your IT team are working remotely themselves, with a proportion off on sick leave at any given time. And at the same time, this department is being relied on to support other staff with their IT needs and likely firefighting demand and downtime issues. 

For 15 years now, we’ve been vendor-independent consultants specialising in application and network performance monitoring, so we know which software will give you the visibility you need to track your business metrics. Our solution architects are able to identify new ways to use tools you already have to tackle new problems, as well as recommending tools that will integrate with your existing infrastructure. 

There are numerous examples of software that can be deployed quickly and remotely to provide better visibility of your key data. To give just two, you can use:

  • Ixia’s Hawkeye to run tests from end user laptops or mobile devices, quickly understanding how their home environment is impacting access to key business services. 
  • Instana to gain 1 second granularity into application performance and issues, supporting key containerised applications. This SaaS platform provides immediate visibility of key web applications such as e-commerce. 

We offer support to deploy these solutions quickly and easily, with remote configuration and installation or even technical staff on-site where necessary. By exploring what the most helpful solutions might be for your circumstances, you can use data to your advantage to make better business decisions now and improve your monitoring capability permanently.

You can find out more about some of the solutions we provide in our guide to getting visibility fast. To talk about your specific monitoring needs, call us on 01782 752 369.

Chris Booth

Chris Booth

Solutions Architect

Listens to your problems, then identifies the best tools and products to build solutions.

Call us today on 01782 752 369
KedronUK, Kern House, Stone Business Park, Stone, Staffordshire ST15 0TL